CORRECT ANSWERS
Data Remanence - CORRECT ANSWER-The remains of
partial or even the entire data set of digital information
Disaster Recovery Planning (DRP) - CORRECT ANSWER-
Deals with restoring normal business operations after the
disaster takes place...works to get the business back to normal
Maximum tolerable downtime - CORRECT ANSWER-The
maximum period of time that a critical business function can be
inoperative before the company incurs significant and long-
lasting damage.
802.5 - CORRECT ANSWER-IEEE standard defines the Token
Ring media access method
Recovery Time Objective - CORRECT ANSWER-The balance
against the cost of recover and the cost of disruption
Resource Requirements - CORRECT ANSWER-portion of the
BIA that lists the resources that an organization needs in order
to continue operating each critical business function.
Checklist - CORRECT ANSWER-Test is one in which copies of
the plan are handed out to each functional area to ensure the
plan deal with their needs
Information Owner - CORRECT ANSWER-The one person
responsible for data, its classification and control setting
,Job Rotation - CORRECT ANSWER-To move from location to
location, keeping the same function
Differential power analysis - CORRECT ANSWER-A side-
channel attack carry-out on smart cards that examining the
power emission release during processing
Mitigate - CORRECT ANSWER-Defined as real-time
monitoring and analysis of network activity and data for
potential vulnerabilities and attacks in
progress.
Electromagnetic analysis - CORRECT ANSWER-A side-
channel attack on smart cards that examine the frequencies
emitted and timing
Analysis - CORRECT ANSWER-Systematic assessment of
threats and vulnerabilities that provides a basis for effective
management of risk.
Change Control - CORRECT ANSWER-Maintaining full control
over requests, implementation, traceability, and proper
documentation of changes.
Containment - CORRECT ANSWER-Mitigate damage by
isolating compromised systems from the network.
30 to 90 Days - CORRECT ANSWER-Most organizations
enforce policies to change password ranging from
Isochronous - CORRECT ANSWER-Process must within set
time constrains, applications are video related where audio and
video must match perfectly
Detection - CORRECT ANSWER-Identification and notification
of an unauthorized and/or undesired action
,Electronic Vaulting - CORRECT ANSWER-Periodic, automatic
and transparent backup of data in bulk.
Fault Tolerance - CORRECT ANSWER-Mitigation of system or
component loss or interruption through use of backup
capability.
Incremental - CORRECT ANSWER-A backup method use
when time and space are a high importance
Secure HTTP - CORRECT ANSWER-Protocol designed to
same individual message securely
Criminal - CORRECT ANSWER-Conduct that violates
government laws developed to protect society
Class C - CORRECT ANSWER-Has 256 hosts
RAID 0 - CORRECT ANSWER-Creates one large disk by using
several disks
Trade secrets - CORRECT ANSWER-Deemed proprietary to a
company and often include information that provides a
competitive edge, the information is protected as long the
owner takes protective actions
X.400 - CORRECT ANSWER-Active Directory standard
Prevention - CORRECT ANSWER-Controls deployed to avert
unauthorized and/or undesired actions.
Redundant Array Of Independent Drives (RAID) - CORRECT
ANSWER-A group of hard drives working as one storage unit
for the purpose of speed and fault tolerance
Proprietary - CORRECT ANSWER-Define the way in which the
organization operates.
, Gateway - CORRECT ANSWER-Used to connect two networks
using dissimilar protocols at different layers of the OSI model
Classification - CORRECT ANSWER-The assignment of a level
of sensitivity to data (or information) that results in the
specification of controls for each level of classification.
Data Integrity - CORRECT ANSWER-The property that data
meet with a priority expectation of quality and that the data can
be relied upon.
Alarm Filtering - CORRECT ANSWER-The process of
categorizing attack alerts produced from an IDS in order to
distinguish false positives from actual attacks
Coaxial Cable - CORRECT ANSWER-A cable consisting of a
core, inner conductor that is surrounding by an insulator, an
outer cylindrical conductor
Concentrator - CORRECT ANSWER-Layer 1 network device
that is used to connect network segments together, but
provides no traffic control (a hub).
Digital Signature - CORRECT ANSWER-An asymmetric
cryptography mechanism that provides authentication.
Eavesdropping - CORRECT ANSWER-A passive network
attack involving monitoring of traffic.
E-Mail Spoofing - CORRECT ANSWER-Forgery of the sender's
email address in an email header.
Emanations - CORRECT ANSWER-Potentially compromising
leakage of electrical or acoustical signals.